Skip to content

Commit

Permalink
ksmbd: smb1: increment session refcnt
Browse files Browse the repository at this point in the history 
needed after commit 6f6416f ("ksmbd: fix user-after-free from
session log off"), as the ksmbd_user_session_put() call in server.c
will be called regardless of the protocol version.

Signed-off-by: Marios Makassikis <[email protected]>
Signed-off-by: Namjae Jeon <[email protected]>
  • Loading branch information
@namjaejeon
Marios Makassikis authored and namjaejeon committed Dec 2, 2024
1 parent 0e01afb commit 00e118b
Showing 1 changed file with 4 additions and 1 deletion.
5 changes: 4 additions & 1 deletion smb1pdu.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -336,8 +336,10 @@ int smb_check_user_session(struct ksmbd_work *work)
}

work->sess = ksmbd_session_lookup(conn, le16_to_cpu(req_hdr->Uid));
if (work->sess)
if (work->sess) {
ksmbd_user_session_get(work->sess);
return 1;
}
ksmbd_debug(SMB, "Invalid user session, Uid %u\n",
le16_to_cpu(req_hdr->Uid));
return -EINVAL;
Expand Down Expand Up @@ -1333,6 +1335,7 @@ int smb_session_setup_andx(struct ksmbd_work *work)
rc = -ENOENT;
goto out_err;
}
ksmbd_user_session_get(sess);
ksmbd_debug(SMB, "Reuse session ID: %llu, Uid: %u\n",
sess->id, uid);
} else {
Expand Down

0 comments on commit 00e118b

Please sign in to comment.